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Abstract 





In today’s communications, the main challenging facet is Security of LTE systems in terms of various 
areas such as mutual authentication, key management, forward and backward secrecy, use of efficient 
security tools, etc. For proper key management, the generation and distribution of random keys is of main 
concern which can be done with the help of dynamic security tools. In this paper, main features of security 
tools like, Docker, Java Cryptography Architecture (JCA), Token-based authentication have been 
reviewed. Docker provides containerized environment based on application virtualization and also lighter 
than virtual machines. To define cryptographic concepts and algorithms, JCA cites design patterns and 
an extensible framework for Java platform. Token-based authentication method or system is used to 
provide secure user access to server using a token, like smart cards. 


Keywords: Docker, JCA, Key Management, Mutual Authentication, Token-based Authentication. 





1. Introduction 

In today’s world, almost all devices have been 
attached to Internet, as they can be operated from 
all over the world through Internet. So, Internet of 
Things (loT) plays vital role to fulfil the needs in 
present human life. The backbone of IoT is 
Artificial Intelligence that makes the system smart 
[1]. Besides the pros of IoT like mitigation of 
human intervention, more processing speed and 
accuracy; there are some of cons of IoT like 
vulnerability to attacks in terms of security issues. 
Cryptography can be used to _ provide 
confidentiality, mutual authentication, integrity, 
and other security services. Mutual Authentication 
is a security feature in which a client must prove its 
identity to a server, and the server must prove its 
identity to the client, before any application traffic 
is sent over the client-to-server connection [2]. 
Various cryptography tools are available to ratify 
the security issues in terms of authentication for 
users by using appropriate key management. By 
using public and private keys, one can authenticate 
the user’s identity rather than requiring secret 


passwords from user. Password or secret key 
authentication is more vulnerable to dictionary and 
man-in-the-middle attacks. A pair of asymmetric 
keys is assigned to each user for authentication 
using server’s pubic key encryption and client’s 
private key decryption [3]. Git Bash and PuTTY gen 
tools can be used to generate asymmetric keys for 
Windows platform. A longwith key management, 
token-based authentication can be used as an 
additional protective measure electronically. 
Security tokens are tools used to verify user’s 
identity by which they can access a particular 
service. Security tokens may be in the form of 
authentication tokens, cryptographic tokens, 
hardware or software tokens, USB tokens, or key 
fobs [4]. Java Cryptography Architecture (JCA) is 
based on conventional public key cryptography and 
does not support group-oriented cryptography. JCA 
uses provider architecture and contains a set of 
Application Programming Interfaces (API) for 
digital signatures, key generation and management, 
and certificates [5]. Java Security API is set of 
packages, such as java.security, 
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java.security.interfaces, etc., to develop secure 
applications in Java. JCA also supports famous 
algorithms like AES, DES, 3DES, Blowfish, and 
Twofish etc. By using Docker application, the user 
can set up programs in sandbox packages called 
containers having all required dependencies. For 
more scalable and secure environments, demand for 
virtual technologies has been increased 
dramatically. Container-based __ virtualization 
(Docker) and hypervisor-based virtualization are 
the two methods available for virtualization 
solutions that provides their services at software 
level and hardware level respectively. Docker is an 
open source container technology with the ability to 
"build, ship, and run distributed applications" [6]. It 
is commonly used in some popular applications, 
such as Spotify, Yelp, and Ebay. Docker application 
consists of two major components: Docker engine, 
which is an open source solution and lightweight 
packaging tool depends on_ container-based 
virtualization and Docker Hub, which is a 
Software-as-a-Service platform. Docker provides 
the user the ability to start the processes in a 
container with a different SELinux type, through 
the ‘—security-opt parameter’ leading to an increase 
of security in Docker. Docker’s security relies on 
three components, i.e., isolation of processes at 
userspace level managed by the Docker daemon, 
enforcement of this isolation by the kernel, and 
network operations security [7]. 


2. Literature Survey 

In 2013, Wu-Chuan Yang and Jian-Xun Lee 
proposed a method for developers to write and 
maintain any stream cipher algorithm in Java 
Cryptography Algorithm (JCA). An abstract class, 
namely CipherSpi, has been developed and 
implemented included by 14 abstract methods for 
block cipher and stream cipher encryption. The 
stream cipher service is proved better than block 
cipher service for Java platforms [8]. 

In 2014, Alexandre Melo Braga, Eduardo Moraes 
de Morais described about the construction of 
cryptographic library for Android devices in terms 
of design decisions and implementation issues of 
standard as well as non-standard algorithms both. 
The cryptographic library for Android platform has 
been designed based on standard cryptographic API 
for Java, Java Cryptography Algorithm (JCA) and 
its design principles. The performance of Java 
programs has been evaluated in terms of elapsed 
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time to process a single block of data [9]. In 2016, 
Jeeva Chelladhurai et al. discussed about security of 
Docker containers by avoiding DoS attacks. 
Containers are highy vulnerable to DoS attacks due 
to direct communication with host kernel. A novel 
security approach has been proposed to improve the 
safety of Docker containers against threat of DoS 
attacks [10]. In 2016, Alexandre Braga and Ricardo 
Dahab~ discussed about squandering’ of 
cryptography by software developers in online 
forums about security aspects. Data mining 
technique Apriori has been implemented to 
determine cryptography misuse in terms of 
cryptography-based security and cryptographic 
programming. Three programming forums, namely 
Oracle Java Cryptography (OJC) using Java 
Cryptographic Architecture (JCA), Google Android 
Developers (GAD) using Android programming, 
and Google Android Security Discussions (GASD) 
have been analysed as they all are share the same 
Java-based API for cryptography [11]. 

In 2017, Babak Bashari Rad et al. presented an 
introduction to Docker and also analysed its 
performance by surveying literature of various 
authors. Docker Client and Server, Docker Images, 
Docker Registries, and Docker Containers are 
fundamental components of Docker. In comparison 
to virtual machines, it is far more advantageous to 
use Docker in terms of more speed, easily portable, 
scalability, higher density, etc [12]. 


In 2017, Minhaj Ahmad Khan and Khaled Salah 
surveyed and reviewed major security issues about 
IoT layered architecture and its protocols. Besides 
providing many advantages like controlling of 
appliances at home, predicting weather conditions, 
etc.by IoT; there are some flaws also, like more 
vulnerability to attacks, threat to confidentiality, 
authentication and integrity of data. Various issues 
regarding IoT at different layers have been 
discussed in this paper and suggestions to improve 
these issues using blockchain have been presented. 
[13] 

In 2017, Quanging Xu et al. discussed about 
vulnerability of docker images towards Denial-of- 
Service (DoS) attack and provided solutions by 
decentralizing the Docker Content Trust (DCT). 
Two approaches have been suggested, in first 
approach InterPlanetary File System (IPFS) has 
been used which is similar to BitTorrent. In second 
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approach, Blockchain based technology has been 
used. [14] In 2017, Adhitya Bhawiyuga et al. 
proposed a design to secure Message Queue 
Telemetry Transport (MQTT) using token based 
authentication in constrained devices. Publisher, 
subscriber, MQTT broker and JSON Web Token 
authentication server are prime components of the 
proposed design. As a result, the proposed design 
has been performed efficiently by authenticating 
valid and expired tokens in very less time [15]. In 
2017, Huseyin POLAT and Saadin OYUCU 
developed an M2M_— (Machine-to-Machine) 
platform using token-based authentication method 
with RestFul web services and NoSQL database. 
Token-based method has been used for session 
control and ID authentication. In the developed 
M2M platform, web services have been tested using 
a Google Chrome plug-in, namely, Advanced Rest 
Client [16]. In 2018, Seo Yeon Moon et al. 
described security issues in the form of threats to 
IoT technology. Proper and secure authentication 
among devices is the main aspect in IoT alongwith 
effective key management. With an application of 
lightweight encryption technology and reliable 
integrity process, the security of loT devices can be 
enhanced appropriately. [17]. In 2018, Mohammed 
Ali Al-Garadi et al. suggested about 
implementation of Machine Learning (ML) and 
Deep Learning (DL) to enhance the security 
measures of IoT. Consequently, ML/DL methods 
have been used to analyse the behaviour of devices 
(normal/abnormal) within JoT environment. 
Moreover, these methods are also helpful in 
predicting new unknown attacks by learning from 
existing examples. The applications of ML/DL 
methods have also been analysed at various IoT 
layers and reviewed [18]. In 2019, Cihan Atac and 
Sedat Akleylek provided comparison for IoT 
security in terms of authentication, integrity and 
vulnerability to various attacks. Several 
countermeasures have also been discussed in order 
to improve issues related to cybersecurity in oT. By 
implementing appropriate and effective methods, 
threats to attacks can be avoided significantly [19]. 
In 2019, Marco De Benedictis and Antonio Lioy 
presented a solution, named as Docker Integrity 
Verification Engine (DIVE), for integrity of cloud 
environment employing Docker containers. The 
proposed method has covered wide spectrum of 
lightweight virtual technologies as it has been based 
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on Linux kernel and has not any dependency at any 
specific container runtime. The main advantage of 
DIVE is its behaviour of detecting compromised 
container, so that it be stopped and replaced as early 
as possible without refreshing the whole system. It 
has also improved Remote Attestation efficiency 
and verified using OAT core tool [20]. In 2019, 
Yongfeng Yin et al. proposed an experimentation 
platform architecture design to analyse the 
effectiveness of cyber security based on Docker. In 
this method, various experimental environments 
and network topologies with flexible monitoring 
and faster test environment has been deployed for 
larger cyber simulation. Additional functions of 
cyber security have been further improved by using 
the proposed method [21]. 


In 2019, Mohammadreza Hazhirpasand et al. 
discussed about investigation of cryptographic 
APIs used by developers in terms of 2324 Java 
projects using CogniCrypt tool and GitHub for 
exploitation of Java Cryptographic Architecture 
(JCA). GitHub API (Application Programming 
Interface) search method has been deployed to 
check about the usage of crypto classes, by any 
project, specified in the CogniCrypt rule set. 
Without any API misuse, a project is said to be 
secure and not demented. The Java projects have 
been analysed in terms of four parameters, API 
diversity, number of projects, JCA commits, 
number of days committed by developer [22]. In 
2019, Abid Omar et al. implemented a Docker 
technology based platform for cyber physical 
production system to pre-process data using Fog 
computing method. The proposed method has 
implemented through Raspberry cards alongwith 
combination of Docker technology in terms of 
virtualization kubernetes in terms of container 
composition for improvement interoperability and 
scalability of Industry 4.0. Containers have been 
preferred over virtual machines as the containers are 
lighter and share the same operating systems among 
other containers. The proposed method has been 
proved to be efficient as the response time is less 
than 100 ms and flexible computation complexity 
[23]. 

Conclusion 


Nowadays, cryptography is used to protect sensitive 
information of many applications. Various 
encryption techniques and security tools are used 
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for mutual authentication and key management, so 
as to avoid vulnerabilities among data transfers. 
This paper has reviewed some of security tools such 
as JCA, Docker and Token-based authentication 
provided by several authors for proper authenticity 
and integrity of M2M devices using security tools. 
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